KT Connections Blog

KT Connections has been serving the Rapid City area since 1997, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Bad Rabbit Ransomware Strikes Targets in Eastern Europe

Bad Rabbit Ransomware Strikes Targets in Eastern Europe

In yet another widespread ransomware attack, Eastern European countries saw an assortment of their critical establishments and infrastructures struck by an infection known as Bad Rabbit. Government buildings, media establishments, and transportation centers were among the targets of this attack.

Focused in Russia and Ukraine but also spotted in Bulgaria, Germany, and Turkey, Bad Rabbit shut down Russia’s Interfax Agency--a major news outlet--as well as Ukraine’s Kiev Metro, the Odessa International Airport, and both the Ministry of Infrastructure and the Ministry of Finance. The attack on Kiev Metro was found to leverage Diskcoder.D, yet another variant of the infamous Petya ransomware.

Fortunately, there is a considerably lesser chance of Bad Rabbit repeating what WannaCry managed to accomplish during its spread across Europe and, to a lesser extent, North America. This is because, instead of relying on a worm as WannaCry did, Bad Rabbit uses a server message block vulnerability called EternalRomance to spread, after being downloaded while disguised as an Adobe Flash installer on legitimate websites. It would also appear that Bad Rabbit and NotPetya (another significant ransomware attack) were deployed by the same threat actor, as 67 percent of their codebases are the same.

There is also evidence that this threat actor is a Game of Thrones fan, as the code strings used in Bad Rabbit include character names from the novels and television series.

Unfortunately, Bad Rabbit should not have been able to spread as far as it has, as Microsoft released a patch for EternalRomance in March, when the EternalBlue vulnerability was also patched. This makes this attack yet another example of why it is crucial to install patches and updates when they are released--if the organizations affected by Bad Rabbit had done so, they would not be in the position they are now.

KT Connections can help you make sure that your systems are not left vulnerable to attacks like this by managing your patches and updates for you. Reach out by calling 605-341-3873 for more information.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Tuesday, 23 January 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Mobile? Grab this Article!

Qr Code

Tag Cloud

Tip of the Week Security Best Practices Privacy hackers Technology Email malware Cloud Internet Business Computing Network Security Google software User Tips Business Efficiency Backup Ransomware Data Small Business Mobile Device Management IT Support Microsoft Computer IT Support Android Smartphone Windows Hosted Solutions Mobile Devices Managed IT Services Gmail Productivity cybersecurity VoIP Network Money Facebook Hardware Phishing Business Continuity communications Windows 10 Data Management Internet of Things Operating System Microsoft Office Cloud Computing Alert Artificial Intelligence Data Security IT Management Bandwidth Upgrade Outsourced IT security cameras Disaster Recovery IT Services Unified Communications Hard Drive Social Media data breach End of Support Apple vulnerability Passwords Managed IT Services Communication Robot Nextiva BDR Business Management Smartphones Outlook Encryption Antivirus Cost Management Office 365 Data storage Update Networking Legal The Internet of Things botnet South Dakota Apps Project Management BYOD Analytics Gadgets WiFi Drones Collaboration IoT Holiday History YouTube Server security solutions Best Practice Remote Monitoring Social Engineering Firewall Innovation Customer Service Productivity IBM Search Law Enforcement Spam Google Maps Scam Windows 10 Lunch and Learn Information Security Bitcoin Data Recovery Browser Start Menu Save Money Automation Saving Money Politics vulnerabilities Document Management SaaS News Information Technology App Data Backup Cryptocurrency Digital Events Access Control Data Protection Word Patch Management Event Marketing Local Buzz Hacking Google Wallet Big Data Google Docs macbook Virtual Assistant Redundancy Vendor Management Worker Spyware Rebrand Hack booking process Audit Cloud Backup Google Drive Flash Rapid City Virus Social File Sharing IT Consultation Mouse Mobile Device enterprise productivity software Monitors Web Servers DDoS attacks Applications Education Hosted Solution Local Technology Event Maintenance Virtual Machines Telephony Settings IoT Devices Law IT Workers IT Assessment Experience Solid State Drive Physical Security SharePoint DDoS Hard Drive Disposal Managed Service Provider Displays Internet 101 Cache Tips and Tricks Sales Tax security precautions password manager LastPass Mixer Fortinet Risk Creep VoIP IT Security Lawyers Business Cards Workplace Tips Samsung IT Strategy Sports email scam Fast food Emergency Wireless Technology Proactive IT Internet Connected Devices IT for Oil Companies LiFi Quick Tips user confidence Vendors Business Security Bluetooth Freedom of Information Laptop IT Solutions Office Tips Tablets Administration Unified Threat Management eWaste Business Technology Society Communications Streaming Media Music How To Risk Management Time Management Visible Light Communication Mobility Community Involvement Printing Safety Fake News Tablet Attorneys Cybercrime face Computing Infrastructure Government Disaster Windows 8 Writing Phone System Windows XP Kaseya Unified Threat Management Website LastPass Download Downloads surveillance cameras Microsoft Excel communication device SOX Managed Services Compliance Content Filtering Virtual Reality Cortana Tech Support Hardware as a Service Black Market Kaseya Connect Advertising healthcare Google Calendar Trend Micro business owner Sarbanes-Oxley Act Computer Care Managed IT AtomBombing Knowledge Printer Retail HaaS Virtual Desktop Conference Business Comunications Distributed Denial of Service Email Security tool Business Communications Memory Google Play Store Blockchain communication solutions End User Testing VPN Running Cable Press Release Chamber of Commerce appointment Tech Terms Uninterrupted Power Supply Vendor Mangement Business Growth Touchscreen Network Congestion Virtualization Comparison identity theft Excel Deep Learning Cabling Dell ’s Sonicwall Global Management System Microsoft Office 365 Business Mangement Websites Webcam Penetration Testing Specifications media experience camera Tip of the week Cleaning Office Access botnet attack Password Microsoft Bookings Microsoft Office 365 features Corporate Profile Programming Software as a Service Phishing Scams Budget Remote Computing Television information Reading Wi-Fi collaboration capabilities Machine Learning Paperless Office Hiring/Firing Bring Your Own Device Administrator Relocation Documents Hacker Users Text Messaging base infrastructure PDF Computing CCTV Hacks Phone Systen Automobile security solution IT service Web Server Language Protection Notifications Meetings Business Metrics end-of-support date Ordinary Computers Miscellaneous CrashOverride holiday season Emails Rental Service Chromebook UTM Tracking Flexibility quantum computers Downtime holidays Supercomputer Marketing Threat management Reliable Computing Telephone Systems Piracy scammers IT Consultant Health Twitter Scalability network security professionals Banking Software License scams G Suite Training 3D Printing Computer Malfunction Travel Playbook Processors Employer-Employee Relationship Sync Employer Employee Relationship Messenger Digital Payment Private Cloud breach methods Microchip Work/Life Balance In Internet of Things Books Motion Sickness Public Cloud Taxes